Cyber criminals get visual on YouTube

11 Jun 2007

Web users are being warned that hackers are using a new crimeware technique that attempts to dupe users into viewing a YouTube video masquerading as a Trojan horse.

In what is an ironic twist on the current situation that sees music companies and sports TV firms suing YouTube for allegedly distributing stolen content, users who download the mysterious file end up seeing their own information being stolen.

According to internet security firm Websense, users who stumble onto the YouTube decoy end up downloading a Trojan horse. A file called YouTube04567 is then downloaded onto a user’s PC.

The payload code is a Trojan horse designed to grab information from the user’s PC. It then uploads any sensitive information from the user’s PC to an undisclosed remote location.

Websense says that although it has captured this code on the web it is highly likely that there are still email and instant message lures for this URL still lingering on the web.

The company has created a simple video of the code in action and, for ironic value, posted it on YouTube at

By John Kennedy